<%#
kind: user_data
name: UserData default
model: ProvisioningTemplate
oses:
- CentOS
- Fedora
- Debian
- Ubuntu
-%>
<%#
This template accepts the following parameters:
- ssh_pwauth: boolean (default=true unless ssh_authorized_keys)
- ssh_authorized_keys: string w newline seperated keys (default="")
- package_upgrade: boolean (default=false)
- reboot: boolean (default=false)
-%>
<%
  ssh_pwauth = host_param('ssh_pwauth') ? host_param_true?('ssh_pwauth') : !host_param('ssh_authorized_keys')
  rhel_compatible = @host.operatingsystem.family == 'Redhat' && @host.operatingsystem.name != 'Fedora'
  # safemode renderer does not support unary negation
  pm_set = @host.puppetmaster.empty? ? false : true
  puppet_enabled = pm_set || host_param_true?('force-puppet')
  salt_enabled = host_param('salt_master') ? true : false
  chef_enabled = @host.respond_to?(:chef_proxy) && @host.chef_proxy
-%>
#cloud-config
hostname: <%= @host.shortname %>
fqdn: <%= @host %>
manage_etc_hosts: true
<% if ssh_pwauth -%>
<%# Don't enable this in production. It is very insecure! Use ssh_authorized_keys instead...
    http://cloudinit.readthedocs.io/en/latest/topics/examples.html#including-users-and-groups -%>
ssh_pwauth: true
groups:
- admin
users:
- default
- name: admin
  primary-group: admin
  groups: users
  shell: /bin/bash
  sudo: ['ALL=(ALL) ALL']
  lock-passwd: false
  passwd: <%= @host.root_pass %>
<% end -%>
<% if host_param('ssh_authorized_keys') -%>
ssh_authorized_keys:
<% host_param('ssh_authorized_keys').split("\n").each do |ssh_key| -%>
- <%= ssh_key %>
<% end -%>
<% end -%>

<% if host_param_true?('package_upgrade') -%>
package_upgrade: true
<% end -%>

runcmd:
<% if rhel_compatible -%>
- |
<%= indent(2) { snippet('epel') } %>
<% end -%>
- |
<%= indent(2) { snippet('remote_execution_ssh_keys') } %>
<% if chef_enabled -%>
- |
<%= indent(2) { snippet('chef_client') } %>
<% end -%>
<% if puppet_enabled -%>
- |
<%= indent(2) { snippet('puppetlabs_repo') } %>
- |
<%= indent(2) { snippet('puppet_setup') } %>
<% end -%>
<% if salt_enabled -%>
- |
<%= indent(2) { snippet('saltstack_setup') } %>
<% end -%>

<%# Contact Foreman to confirm instance is built -%>
phone_home:
  url: <%= foreman_url('built') %>
  post: []
  tries: 10

<% if host_param_true?('reboot') -%>
power_state:
  mode: reboot
  timeout: 30
  condition: true
<% end -%>
